<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// +----------------------------------------------------------------------
// | AES [ NO ZUO NO DIE ]
// +----------------------------------------------------------------------
// | Copyright (c) 2010-2017 http://www.bocweb.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: Hanj
// +----------------------------------------------------------------------

//----------------------------------
// Acl-权限hook
//----------------------------------
class Acl {

	private $CI;
	private $url_class;  // 当前模型
	private $url_method; // 当前方法

	public function __construct()
	{
		$this->CI =&get_instance();
		$this->url_class = $this->CI->router->class;
		$this->url_method = $this->CI->router->method;
		$this->CI->load->library('AES', array('key' => 'UID'));
	}

	// hook
	public function auth(){
		if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit(1);
		// 接口类型判断
		$this->CI->IS_APP = FALSE;
		$this->CI->APP_V  = '1.0.0';

		// 判断是否为APP请求 tty (0:iOS,1:Android,2:Web)
		$tty   = $this->em_getallheaders('PLATFORM');//平台(0:iOS,1:Android,2:Web)
		// 权限控制
		$token = $this->em_getallheaders('AUTHORIZATION');//上次登录后产生的令牌
        switch($tty){
			case 0:
			case 1:
				$tty=true;
				break;
			case 2:
				$tty=false;
				break;
			default:
				$tty=false;
				break;
		}
		if ($this->CI->IS_APP = $tty) {

			// 版本控制
			if ($ver = $this->em_getallheaders('BOCVER')) {

				// 版本号
				$this->CI->APP_V = $ver;
			}

			// 签名校验
//			$sign = md5($this->url_class.$this->url_method.$token);
//			if ($sign != $this->em_getallheaders('BOCSIGN') ) {
//				$vdata = array('ReturnCode'   => '0011'
//					         , 'ReturnInfo' => '请求非法，签名失败'
//					         , 'ReturnTime' => time()
//					         , 'Content' => (object)array());
//
//				header('Content-type: application/json');
//				exit(json_encode($vdata));
//			}
		}
		$UID   = $this->CI->session->userdata('UAID');
		if (! $token && ! $UID) {
			// ALLOW CONTORLLER METHOD
			$allow_class = array( 'userCommon'
								, 'common'
				                , 'redirect'
				                , 'validate'
				                , 'crontab'
				                , 'news'
				                , 'project'
				                , 'contract', 'welcome', 'test','member','share');

			if ( ! in_array($this->url_class, $allow_class) ) {

				$vdata = array('ReturnCode'   => '0014'
					         , 'Msg' => '您的登录已经失效，请重新登录'
					         , 'ReturnTime' => time()
					         , 'Data' => (object)array());

				header('Content-type: application/json');
				exit(json_encode($vdata));
			}
		} elseif ( $token ) {
			// 获取 TOKEN INFO
			if ($token_info = json_decode($this->CI->aes->decrypt($token,TokenKEY), 1)) {

				$UID = isset($token_info['id']) ? $token_info['id'] : 0;
			}
			// APP接口验证
			if (!$token_info) {

				$vdata = array('ReturnCode'   => '0011'
						     , 'Msg' => 'TOKEN 验证失败'
						     , 'ReturnTime' => time()
						     , 'Data' => (object)array());
				header('Content-type: application/json');
				exit(json_encode($vdata));
			} else {

				// 单点登录判断
				if ($token_info != $token) {

//					$vdata = array('ReturnCode'   => '0011'
//							     , 'ReturnInfo' => '登录状态失效(其他设备已登陆)'
//							     , 'ReturnTime' => time()
//							     , 'Content' => (object)array());
//					header('Content-type: application/json');
//					exit(json_encode($vdata));
				} else {
					// 延长有效期
					$this->CI->session->set_userdata('UAID', $UID);
				}
			}
            $this->CI->load->model('user_model', 'macc', 'default');
			$this->CI->uinfo = $this->CI->macc->getInfo(array('id'=>$UID,'is_delect'=>0));
		} else {
			// 验证session
			if ( !$UID = $this->CI->session->userdata('UAID') ) {
				$vdata = array('ReturnCode'   => '0011'
					         , 'Msg' => '用户 验证失败'
					         , 'ReturnTime' => time()
					         , 'Data' => (object)array());

				header('Content-type: application/json');
				exit(json_encode($vdata));
			}
            $this->CI->load->model('user_model', 'macc', 'default');
            $this->CI->uinfo = $this->CI->macc->getInfo(array('id'=>$UID,'is_delect'=>0));
		}
		// 数据处理
		// 数据处理
		if ($_SERVER['REQUEST_METHOD'] == 'POST'
			|| $_SERVER['REQUEST_METHOD'] == 'PUT'
			|| $_SERVER['REQUEST_METHOD'] == 'PATCH'
			|| $_SERVER['REQUEST_METHOD'] == 'DELETE') {

			if ($_SERVER['CONTENT_TYPE'] == 'application/json'
				&& $this->url_class != 'fileUpload') {


				// json 解密
				if ($this->CI->IS_APP==0||$this->CI->IS_APP==1||$this->CI->IS_APP==2) {
					switch ($_SERVER['REQUEST_METHOD']) {

						case 'POST':
							if (! $_POST = $this->CI->_post_args) {

								$vdata = array('ReturnCode'   => '-1'
								, 'Msg' => 'CONTENT ERROR'
								, 'ReturnTime' => time()
								, 'Data' => null);

								header('Content-type: application/json');
								exit(json_encode($vdata));
							} else {
								$this->CI->_post_args = $_POST;
							}
							break;
						case 'PUT':

							if (! $_POST = $this->CI->_put_args) {

								$vdata = array('ReturnCode'   => '-1'
								, 'Msg' => 'CONTENT ERROR'
								, 'ReturnTime' => time()
								, 'Data' => null);

								header('Content-type: application/json');
								exit(json_encode($vdata));
							} else {

								$this->CI->_put_args = $_POST;
							}
							break;
						case 'PATCH':

							if (! $_POST = $this->CI->_patch_args) {

								$vdata = array('ReturnCode'   => '-1'
								, 'Msg' => 'CONTENT ERROR'
								, 'ReturnTime' => time()
								, 'Data' => null);

								header('Content-type: application/json');
								exit(json_encode($vdata));
							} else {

								$this->CI->_patch_args = $_POST;
							}
							break;
						case 'DELETE':

							if (! $_POST = $this->CI->_delete_args) {

								$vdata = array('ReturnCode'   => '-1'
								, 'Msg' => 'CONTENT ERROR'
								, 'ReturnTime' => time()
								, 'Data' => null);

								header('Content-type: application/json');
								exit(json_encode($vdata));
							} else {

								$this->CI->_delete_args = $_POST;
							}
							break;

						default:
							if (! $_POST = $this->CI->_post_args) {

								$vdata = array('ReturnCode'   => '-1'
								, 'Msg' => 'CONTENT ERROR'
								, 'ReturnTime' => time()
								, 'Data' => null);

								header('Content-type: application/json');
								exit(json_encode($vdata));
							} else {

								$this->CI->_post_args = $_POST;
							}
							break;
					}
				} else {

					$_POST = $this->CI->_post_args;
				}
			}
		}
	}

	private function em_getallheaders($key=false) {

        foreach ($_SERVER as $name => $value) {

            if (substr($name, 0, 5) == 'HTTP_') {

                $headers[str_replace(' ', '-', ucwords(strtoupper(str_replace('_', ' ', substr($name, 5)))))] = $value;
            }
        }
        if ($key && isset($headers[$key])) {

       		return $headers[$key];
        }
        return false;
    }
}

/* End of file acl.php */
/* Location: .//home/http/bocms/adminer/hooks/acl.php */
